package org.bioversityinternational.mgbms.ws.security;

import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;

import org.apache.cxf.interceptor.security.AccessDeniedException;
import org.apache.ws.security.WSPasswordCallback;
import org.bioversityinternational.mgbms.text.TextConstants;

public class ServerPasswordCallback implements CallbackHandler {

    private static final String PASSWORD_PROPERTY_NAME = "auth.manager.password";
    private static String password = TextConstants.get(PASSWORD_PROPERTY_NAME);

    public void handle(Callback[] callbacks) throws AccessDeniedException {

        WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];

        // We can call pc.getIdentifer() right here to check the username
        //     if we want each client to have it's own password.
        if (!pc.getPassword().equals(password))
        	throw new org.apache.cxf.interceptor.security.AccessDeniedException("Wrong password!");
    }

}